Global rate limit for tcp

src/freedombone-mesh-batman

@@ -89,6 +89,15 @@ if [ -e /etc/default/batctl ]; then
     . /etc/default/batctl
 fi
 
+function global_rate_limit {
+    if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then
+        echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf
+    else
+        sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf
+    fi
+    sysctl -p
+}
+
 function status {
     batctl o
 }
@@ -175,6 +184,8 @@ function start {
         sudo rm /etc/avahi/services/udisks.service
     fi
 
+    global_rate_limit
+
     # Might have to re-enable wifi
     rfkill unblock $(rfkill list|awk -F: "/phy/ {print $1}") || true
 

src/freedombone-mesh-reset

@@ -32,19 +32,23 @@ export TEXTDOMAIN=${PROJECT_NAME}-mesh-reset
 export TEXTDOMAINDIR="/usr/share/locale"
 
 dialog --title $"New Identity" \
-	   --backtitle $"Freedombone Mesh" \
-	   --defaultno \
-	   --yesno $"\nDo you want to reset your identity? This will reset ALL data for this peer, and you will not be able to recover it." 8 60
+       --backtitle $"Freedombone Mesh" \
+       --defaultno \
+       --yesno $"\nDo you want to reset your identity? This will reset ALL data for this peer, and you will not be able to recover it." 8 60
 sel=$?
 case $sel in
-	0) sudo pkill qtox
-	   sudo pkill firefox
-	   sudo pkill iceweasel
-	   sudo ${PROJECT_NAME}-image-mesh $USER new
-	   sudo batman restart
-	   dialog --title $"New Identity" \
-			  --msgbox $"You now have a new identity" 6 40
-	   ;;
+    0) sudo pkill qtox
+       sudo pkill firefox
+       sudo pkill iceweasel
+       sudo ${PROJECT_NAME}-image-mesh $USER new
+       sudo batman restart
+       if [ -f $HOME/mesh-desktop.sh ]; then
+           $HOME/mesh-desktop.sh
+       else
+           dialog --title $"New Identity" \
+                  --msgbox $"You now have a new identity" 6 40
+       fi
+       ;;
 esac
 
 exit 0

src/freedombone-utils-firewall

@@ -37,6 +37,15 @@ function save_firewall_settings {
     chmod +x /etc/network/if-up.d/iptables
 }
 
+function global_rate_limit {
+    if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then
+        echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf
+    else
+        sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf
+    fi
+    sysctl -p
+}
+
 function enable_ipv6 {
     # endure that ipv6 is enabled and can route
     sed -i 's/net.ipv6.conf.all.disable_ipv6.*/net.ipv6.conf.all.disable_ipv6 = 0/g' /etc/sysctl.conf
@@ -47,10 +56,10 @@ function enable_ipv6 {
 }
 
 function configure_firewall {
-	if [ $INSTALLING_MESH ]; then
-		mesh_firewall
-		return
-	fi
+    if [ $INSTALLING_MESH ]; then
+        mesh_firewall
+        return
+    fi
     if grep -q "RELATED" /etc/firewall.conf; then
         # recreate the firewall to remove RELATED
         sed -i "/firewall/d" $COMPLETION_FILE